[Clamav-users] Re: Compiling Clamav-0.9RC2 on Solaris Intel

2006-11-28 Thread Ian Abbott
On 27/11/2006 20:19, Jonathan Armitage wrote: Make runs without error, but make install (run as root) fails, complaining that main.cvd and daily.cvd are not in /usr/local/share/clamav: make[1]: Entering directory `/mydir/clamav-0.90rc2/database' /bin/bash ../mkinstalldirs /usr/local/share/clama

[Clamav-users] Re: How to run clamscan for a list of files from a file?

2006-11-28 Thread Ian Abbott
On 27/11/2006 23:32, Chris Purves wrote: I have a list of files that I have written to a file and I would like clamscan to read the list from that file and scan only the files in the list. Is there a good way to do this? I have tried cat filelist | xargs clamscan This works, except that xar

Re: [Clamav-users] Re: How to run clamscan for a list of files from a file?

2006-11-28 Thread Chuck Swiger
On Nov 28, 2006, at 3:13 AM, Ian Abbott wrote: You'll also find that it fails for file names containing whitespace, quote marks, or backslashes. To work around that, you could use tr '\n' '\0' < filelist | xargs -0 clamscan or generate the filelist with null-separated filenames in the firs

[Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Per Jessen
This is not really complaint, perhaps just an observation. On 25/11 around 1000CET I submitted a sample and again on 26/11 also around 1000 I submitted a second sample - both phishing. I've only just today around 1800CET received confirmation for both. This is respectively about 56 and 32 hours

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Dennis Peterson
Per Jessen wrote: This is not really complaint, perhaps just an observation. On 25/11 around 1000CET I submitted a sample and again on 26/11 also around 1000 I submitted a second sample - both phishing. I've only just today around 1800CET received confirmation for both. This is respectively

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Per Jessen
Dennis Peterson wrote: > I'm not aware of any systems that have been disabled or rendered > useless be even the most aggressive phishing scheme. Nor am I. > The best defense against phishing is and has always been education, > fwiw. Doesn't that apply to virus too? > Given the ease with w

Re: [Clamav-users] Re: How to run clamscan for a list of files from a file?

2006-11-28 Thread Chris Purves
Ian Abbott wrote: On 27/11/2006 23:32, Chris Purves wrote: I have a list of files that I have written to a file and I would like clamscan to read the list from that file and scan only the files in the list. Is there a good way to do this? I have tried cat filelist | xargs clamscan This wor

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Dennis Peterson
Per Jessen wrote: Dennis Peterson wrote: The best defense against phishing is and has always been education, fwiw. Doesn't that apply to virus too? Of course. And the point is you don't have to come to harm if a phishing pattern is not available. Given the ease with which these ca

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Per Jessen
Per Jessen wrote: >> The best defense against phishing is and has always been education, >> fwiw. > Quick additional comment - I used to use the very same argument, but experience and age have taught me that people are stupid. /Per Jessen, Zürich

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Per Jessen
Dennis Peterson wrote: > And the point is you don't have to come to harm if a > phishing pattern is not available. That depends on your expectations. If you're purely using it for your own personal protection, you're absolutely right. If you're using it as a service to others, whether employees

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Dennis Peterson
Per Jessen wrote: Dennis Peterson wrote: And the point is you don't have to come to harm if a phishing pattern is not available. That depends on your expectations. If you're purely using it for your own personal protection, you're absolutely right. If you're using it as a service to others,

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Chris Purves
Dennis Peterson wrote: What I am actually trying to do is have clamscan only scan files that are new or have not changed since the last scan. I have gotten as far as creating a filelist containing a list of files that are new or where the md5sum has changed. The problem I have now is how to g

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Gerard Seibert
On Tuesday November 28, 2006 at 02:13:29 (PM) Per Jessen wrote: > Quick additional comment - I used to use the very same argument, but > experience and age have taught me that people are stupid. I would not say that. Perhaps absent-minded, absorbed, abstracted, aimless, amnesic, benighted, bird-b

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Per Jessen
Gerard Seibert wrote: > however, I believe 'stupid' is too harsh. Perhaps - but a great deal more concise :-) /Per Jessen, Zürich ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-user

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Dennis Peterson
Chris Purves wrote: Dennis Peterson wrote: What I am actually trying to do is have clamscan only scan files that are new or have not changed since the last scan. I have gotten as far as creating a filelist containing a list of files that are new or where the md5sum has changed. The problem I

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Per Jessen
Dennis Peterson wrote: > To blame ClamAV for letting you down is unkind and inaccurate. Perhaps you would care to state the purposes of ClamAVs phishing detection? Admittedly, I have not read up on it myself, but merely assumed it was to provide reasonable means of protection against phishing

Re: [Clamav-users] submit-to-publish time much too long for phishing

2006-11-28 Thread Dennis Peterson
Per Jessen wrote: Dennis Peterson wrote: To blame ClamAV for letting you down is unkind and inaccurate. Perhaps you would care to state the purposes of ClamAVs phishing detection? To make money. Admittedly, I have not read up on it myself, but merely assumed it was to provide reasonabl

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Jan-Pieter Cornet
On Tue, Nov 28, 2006 at 01:03:18PM -0700, Chris Purves wrote: > >- Create a directory in /tmp. In that directory create soft links that > >reference > >your files. Run clamscan on the links. Check the logs for viruses. Delete > >the links. Delete the directory. > > > This sounded like a good idea,

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread René Bellora
This sounded like a good idea, so I gave it a try. After spending a few hours to script the softlinks I got it to work for small file lists, but it still doesn't work for lots of files (~5000). When I run 'clamscan /tmp/clamscan/*' I get the following error: /usr/bin/clamscan: Argument l

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Dennis Peterson
René Bellora wrote: This sounded like a good idea, so I gave it a try. After spending a few hours to script the softlinks I got it to work for small file lists, but it still doesn't work for lots of files (~5000). When I run 'clamscan /tmp/clamscan/*' I get the following error: /usr/bin

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Todd Lyons
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Nov 28, 2006 at 05:55:44PM -0300, René Bellora wrote: >this could be circumvented with xargs: >cd /tmp/clamscan >find . -type f -print0 | xargs -0 clamscan If clamscan is complaining about a too long commandline with *, then this will give hi

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Steve Holdoway
On Tue, 28 Nov 2006 13:58:22 -0800 Dennis Peterson <[EMAIL PROTECTED]> wrote: > René Bellora wrote: > > > > >>> This sounded like a good idea, so I gave it a try. After spending a > >>> few hours to script the softlinks I got it to work for small file > >>> lists, but it still doesn't wor

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread René Bellora
Todd Lyons escribió: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Nov 28, 2006 at 05:55:44PM -0300, René Bellora wrote: this could be circumvented with xargs: cd /tmp/clamscan find . -type f -print0 | xargs -0 clamscan If clamscan is complaining about a too long commandline

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Josh Tolbert
On Tue, Nov 28, 2006 at 02:19:22PM -0800, Todd Lyons wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Tue, Nov 28, 2006 at 05:55:44PM -0300, René Bellora wrote: > > >this could be circumvented with xargs: > >cd /tmp/clamscan > >find . -type f -print0 | xargs -0 clamscan > > If cla

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Todd Lyons
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Nov 28, 2006 at 07:27:57PM -0300, René Bellora wrote: >>>find . -type f -print0 | xargs -0 clamscan >>If clamscan is complaining about a too long commandline with *, then >>this will give him the same error. >no, it won't. The xargs command kn

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Chris Purves
Todd Lyons wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Nov 28, 2006 at 05:55:44PM -0300, René Bellora wrote: this could be circumvented with xargs: cd /tmp/clamscan find . -type f -print0 | xargs -0 clamscan If clamscan is complaining about a too long commandline with *, the

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Chris Purves
Dennis Peterson wrote: René Bellora wrote: This sounded like a good idea, so I gave it a try. After spending a few hours to script the softlinks I got it to work for small file lists, but it still doesn't work for lots of files (~5000). When I run 'clamscan /tmp/clamscan/*' I get the fol

[Clamav-users] Choosing best MaxThreads value for clamd?

2006-11-28 Thread Tom Samplonius
How do you choose the best MaxThreads value for a dedicated mail server? Should MaxThreads be each to double the number of cores, or something like that? What happens if MaxThreads is set too high? Too low? Tom ___ Help us build a comprehensive C

Re: [Clamav-users] How to run clamscan for a list of files from a file?

2006-11-28 Thread Dennis Peterson
Chris Purves wrote: Dennis Peterson wrote: As the requirements have evolved it seems more likely a Perl solution is most attractive both for creating the list and for logging the results. And it will eliminate the earlier suggestion of using soft links. This looks interesting: http://www.fp